CVE-2005-3838 Information

Description

Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder (2) Priority (3) Status (4) Category (5) searchvalue and (6) field parameter.

Reference

http://pridels0.blogspot.com/2005/11/isolsoft-support-center-sql-inj.html http://secunia.com/advisories/17728 http://securitytracker.com/id?1015270 http://www.osvdb.org/21102 http://www.securityfocus.com/bid/15570 http://www.vupen.com/english/advisories/2005/2592